[pve-devel] [common 2/9] refactor validating_url

Wolfgang Link w.link at proxmox.com
Mon Oct 21 12:11:53 CEST 2019


comment inline

On 10/18/19 11:23 AM, Fabian Grünbichler wrote:
> On October 14, 2019 1:08 pm, Wolfgang Link wrote:
>> ---
>>   src/PVE/ACME.pm            | 12 ++++++++++++
>>   src/PVE/ACME/Challenge.pm  |  6 ++++++
>>   src/PVE/ACME/StandAlone.pm | 32 +++++++++++++++++++++++++++++++-
>>   3 files changed, 49 insertions(+), 1 deletion(-)
>>
>> diff --git a/src/PVE/ACME.pm b/src/PVE/ACME.pm
>> index da4cbcc..c82f297 100644
>> --- a/src/PVE/ACME.pm
>> +++ b/src/PVE/ACME.pm
>> @@ -74,6 +74,18 @@ sub fromjs($) {
>>       return from_json($_[0]);
>>   }
>>   
>> +sub validating_url($$$$) {
>> +    my ($acme, $auth, $auth_url, $node_config) = @_;
>> +
>> +    my $plugin_type = $node_config->{plugin} ?
>> +	$node_config->{plugin} : 'standalone';
>> +
>> +    my $plugin = PVE::ACME::Challenge->lookup($plugin_type);
>> +    my $challenge = $plugin->supported_challenge_types();
>> +    print "Use Plugin $plugin with $challenge as challenge\n";
>> +    return $plugin->validating_url($acme, $auth, $auth_url, $node_config);
>> +}
> this file is the low-level ACME protocol library. the actual client
> based on it is in pve-manager..

I understand what you meant by validating_url has not to be done in the 
Plugin.

But what do you mean by "this file is the low-level ACME protocol library."?

>> +
>>   sub fatal($$;$$) {
>>       my ($self, $msg, $dump, $noerr) = @_;
>>   
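Review bot: The `print` in the new `validating_url` interpolates `$challenge`, but the plugins no longer agree on what `supported_challenge_types()` returns. The StandAlone hunk changes it to the plain string `'http-01'`, while the base class in Challenge.pm still returns `{}` (context line of the second hunk), so a plugin inheriting the base method would print `HASH(0x...)` here. Any existing caller that still treats the result as a hash ref, e.g. `$types->{'http-01'}`, would die under strict refs once StandAlone returns a string; no such caller is visible in this patch, so that needs checking. Keeping the hash-ref return and printing `join(', ', sort keys %$challenge)` would avoid changing the plugin interface.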
>> diff --git a/src/PVE/ACME/Challenge.pm b/src/PVE/ACME/Challenge.pm
>> index 786666c..ced779b 100644
>> --- a/src/PVE/ACME/Challenge.pm
>> +++ b/src/PVE/ACME/Challenge.pm
>> @@ -15,6 +15,12 @@ sub supported_challenge_types {
>>       return {};
>>   }
>>   
>> +sub validating_url {
>> +    my ($class, $acme, $auth, $auth_url, $node_config) = @_;
>> +
>> +    die "implement me\n";
>> +}
>> +
> see comments on the patch in pve-manager
>
>>   sub setup {
>>       my ($class, $acme, $authorization) = @_;
>>   
>> diff --git a/src/PVE/ACME/StandAlone.pm b/src/PVE/ACME/StandAlone.pm
>> index 3766862..965fb32 100644
>> --- a/src/PVE/ACME/StandAlone.pm
>> +++ b/src/PVE/ACME/StandAlone.pm
>> @@ -13,7 +13,37 @@ sub type {
>>   }
>>   
>>   sub supported_challenge_types {
>> -    return { 'http-01' => 1 };
>> +    return 'http-01';
>> +}
>> +
>> +sub validating_url {
>> +    my ($class, $acme, $auth, $auth_url, $node_config) = @_;
>> +
>> +    print "Setting up webserver\n";
>> +    my $validation = eval { setup($class, $acme, $auth) };
>> +    die "failed setting up webserver - $@\n" if $@;
>> +    print "Triggering validation\n";
>> +    eval {
>> +	$acme->request_challenge_validation($validation->{url}, $validation->{key_auth});
>> +	print "Sleeping for 5 seconds\n";
>> +	sleep 5;
>> +	while (1) {
>> +	    $auth = $acme->get_authorization($auth_url);
>> +	    if ($auth->{status} eq 'pending') {
>> +		print "Status is still 'pending', trying again in 30 seconds\n";
>> +		sleep 30;
>> +		next;
>> +	    } elsif ($auth->{status} eq 'valid') {
>> +		print "Status is 'valid'!\n";
>> +		last;
>> +	    }
>> +	    die "validating challenge '$auth_url' failed\n";
>> +	}
>> +    };
>> +    my $err = $@;
>> +    eval { $validation->teardown() };
>> +    warn "$@\n" if $@;
>> +    die $err if $err;
> same here
>
>>   }
>>   
>>   sub setup {
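Review bot: The `while (1)` polling loop in StandAlone's `validating_url` has no upper bound, so it never ends if the authorization stays `'pending'`. `teardown()` runs only after the `eval` returns, which means whatever `setup()` started (the "webserver" named in the messages) would stay up for as long as the task hangs. A poll counter would bound that window: `my $polls = 0;` before the loop and `die "validating challenge '$auth_url' timed out\n" if ++$polls > $max_polls;` at the top of the `'pending'` branch, with `$max_polls` chosen for the expected validation time. The existing cleanup path then still reaches `teardown()` and re-raises the error.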
>> -- 
>> 2.20.1
>>
>>



